Hacking medical devices

What’s interesting here is that the researchers were able to do this using a black-box approach: they just used radio equipment to eavesdrop on wireless signals between the implantable devices and the equipment used to maintain and control those devices. The researchers weren’t privy to the communication protocols the vendors use to control the devices, but they were able to reverse-engineer these protocols and then send command signals of their own. These protocols typically used poorly implemented encryption or no encryption at all.

The equipment the researchers used doesn’t come cheap, nor does the researchers’ expertise. Still, this makes it at least theoretically possible to do several things regarding devices like these:

This isn’t entirely theoretical. Research like this has compelled at least one vendor to provide software upgrades to minimize these shortcomings. That’s probably an imperfect solution, but there are obviously some complications in providing firmware upgrades for already-deployed devices.

The radios in these implantable devices have a pretty short range, just around five meters. So your story’s character couldn’t run exploits like these from a great distance, but it provides some interesting possibilities.